package com.af.security.auth.phone;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.SpringSecurityCoreVersion;

import java.util.Collection;

/**
 * @author : zhenyun.su
 * @comment : 手机认证令牌, 参考： DaoAuthenticationToken
 * @since : 2020-9-22
 */

public class PhoneAuthenticationToken extends AbstractAuthenticationToken {
    private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
    private final Object principal;
    private String phone;
    private String verificationCode;

    public PhoneAuthenticationToken(Object principal, String phone, String verificationCode) {
        super((Collection)null);
        this.principal = principal;
        this.phone = phone;
        this.verificationCode = verificationCode;
        this.setAuthenticated(false);
    }

    public PhoneAuthenticationToken(Object principal, Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.principal = principal;
        super.setAuthenticated(true);
    }

    @Override
    public Object getCredentials() {
        return null;
    }

    @Override
    public Object getPrincipal() {
        return this.principal;
    }

    @Override
    public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
        if (isAuthenticated) {
            throw new IllegalArgumentException("Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead");
        } else {
            super.setAuthenticated(false);
        }
    }

    @Override
    public void eraseCredentials() {
        super.eraseCredentials();
    }

    public String getPhone() {
        return phone;
    }

    public String getVerificationCode() {
        return verificationCode;
    }
}
